DSA-1716-1 vnc4 -- integer overflowID: oval:org.secpod.oval:def:600387 | Date: (C)2011-05-13 (M)2022-10-10 |
Class: PATCH | Family: unix |
It was discovered that xvnc4viewer, a virtual network computing client software for X, is prone to an integer overflow via a malicious encoding value that could lead to arbitrary code execution. For the stable distribution this problem has been fixed in version 4.1.1+X4.3.0-21+etch1. For the unstable distribution this problem has been fixed in version 4.1.1+X4.3.0-31. For the testing distribution this problem will be fixed soon. We recommend that you upgrade your vnc4 packages.